// package hn.cch.spring_boot_security_rest.security;// package hn.cch.spring_boot_security_rest.security;
//
// import org.slf4j.Logger;
// import org.slf4j.LoggerFactory;
// import org.springframework.security.access.AccessDecisionManager;
// import org.springframework.security.access.AccessDeniedException;
// import org.springframework.security.access.ConfigAttribute;
// import org.springframework.security.authentication.InsufficientAuthenticationException;
// import org.springframework.security.core.Authentication;
// import org.springframework.security.core.GrantedAuthority;
// import org.springframework.stereotype.Component;
//
// import java.util.Collection;
// import java.util.Iterator;
//
// @Component("accessDecisionManager")
// public class AccessDecisionManagerImpl implements AccessDecisionManager {
//
//     private static Logger logger = LoggerFactory.getLogger(AccessDecisionManagerImpl.class);
//
//
//     @Override
//     public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
//
//         logger.info("decide");
//
//         Iterator<ConfigAttribute> iterator = collection.iterator();
//         while (iterator.hasNext()) {
//             ConfigAttribute configAttribute = iterator.next();
//             //当前请求需要的权限
//             String attribute = configAttribute.getAttribute();
//             //当前用户所具有的权限
//             Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
//             for (GrantedAuthority authority : authorities) {
//                 if (attribute.equals(authority.getAuthority()) || "ROLE_ANONYMOUS".equals(authority.getAuthority())) {
//                     return;
//                 }
//             }
//         }
//
//         throw new InsufficientAuthenticationException("权限不足");
//     }
//
//     @Override
//     public boolean supports(ConfigAttribute configAttribute) {
//         return true;
//     }
//
//     @Override
//     public boolean supports(Class<?> aClass) {
//         return true;
//     }
// }
